#vulnerability research
6 stories taggedvulnerability research.

ChocoPoC: The Fake Exploit Repos Turning Bug Hunters Into Victims
A Python-based infostealer is hiding inside GitHub proof-of-concept code marketed to vulnerability researchers, siphoning credentials, cookies, and files before dropping a remote shell.

Anthropic's AI Model Found Vulnerabilities in Classified U.S. Government Systems
An unnamed U.S. official says Anthropic's Mythos model identified security flaws in sensitive government infrastructure during a joint exercise with intelligence agencies.

OpenAI Hands GPT-5.5-Cyber to 'Trusted Defenders' Under Daybreak
The model is pitched at deep codebase analysis and vuln patching. The interesting part is who gets access — and what shows up in the post-mortem when they don't.

Mythos Isn't Vapor: Inside the SAST Tool Quiet-Skeptics Are Starting to Believe
A short defense of a controversial static analysis startup, and what its findings actually look like under the hood.

Microsoft Cages the Agent: MXC, MDASH, and the Push to Govern Autonomous AI at Runtime
Microsoft is shipping a dedicated containment environment for agentic AI workloads, alongside open-source governance frameworks and expanded vulnerability-scanning capabilities — all aimed at reining in what autonomous coding agents can actually do.

When the Hardware Isn't There: Coaxing Vulnerable Drivers Into Range
BYOVD research keeps colliding with a stubborn problem — many kernel drivers refuse to talk unless their device is plugged in. New work shows how to make them talk anyway.